Our new PF_RING/Snort/Suricata packages have reached Release Candidate status! Since these packages are critical components, I'd like to do one final phase of testing before promoting to stable. If at all possible, please try installing on some of your production sensors so that we can get some real world testing before promoting to stable.
Join the discussion here:
https://groups.google.com/d/topic/security-onion-testing/mKVn-GAPaIg/discussion
Will the Suricata package support the XFF field?
ReplyDeletethanks!
Hi Anonymous,
ReplyDeleteI believe XFF support was added in Suricata 2.0. Please see:
http://suricata-ids.org/2014/03/25/suricata-2-0-available/